| From: Reindl Harald <h.reindl(a)thelounge.net>
| Date: Sat, 24 Aug 2013 11:38:21 +0200
|
https://bugzilla.redhat.com/show_bug.cgi?id=3D319901
|
| looks like Redhat based systems are the only remaining
| which does not support EECDHE which is a shame these
| days in context of PRISM and more and more Ciphers
| are going to be unuseable (BEAST/CRIME weakness)
It might be the case that the NSA has their fingers in these ECC
standards.
Here's a Schneier article worth reading:
<
http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-sur...
In it, he recommends (among many other things):
Prefer conventional discrete-log-based systems over elliptic-curve
systems; the latter have constants that the NSA influences when
they can.
It could be (by accident) that Fedora is more secure due to patents!